DAILY NEWS: Setembro (18/09 - 24/09) - 38 Semana de 2022
Cyber Security and Information Security News - Daily Updates !! Weekly Review
24/09
15 Year Old Python Bug Let Hacker Execute Code in Code 350k Python Projects
American Airlines learned it was breached from phishing targets
Criminals are using QR codes to target victims - how to avoid 'most insidious' scam
Hackers Exploited Zero-Day RCE Vulnerability in Sophos Firewall — Patch Released
Israel Bolsters Digital Defense Amid Iran Cyber Threat – Analysis
Landbank warns of phishing scam via Google Ads search
London Police Arrested 17-Year-Old Hacker Suspected of Uber and GTA 6 Breaches
Microsoft SQL servers hacked in TargetCompany ransomware attacks
OneTouchPoint data breach investigation: Who’s affected?
Optus confirms customer data breach, says passport data may be affected
Optus issues data scam alert to customers
Ransomware attacks on healthcare organizations have devastating results for providers & patients
Some Questions answered by the GTA 6 Leaks and others left hanging
Take-Two confirms cyber attack on 2K Games
TAP cyberattack: Portuguese president's personal data stolen
What is a cyber insurance policy? Should you buy one?
23/09
As Cyberattacks Intensify, Orgs Don’t Report Incidents
Australian Telecoms company Optus discloses security breach
Beware fake anti-virus reviews
CISA Warns of Hackers Exploiting Recent Zoho ManageEngine Vulnerability
Critical ManageEngine RCE flaw is being exploited (CVE-2022-35405)
Cyber attack threat: Dumfries and Galloway Council on alert
Cyber Security & Cloud Expo: Examining the 2022 malware landscape
Cyprus and Romania build ties on cybersecurity, innovation and entrepreneurship
Europol "Hackathon" Identifies Scores of Human Trafficking Victims
Fake Indian Banking Rewards Apps Targeting Android Users with Info-stealing Malware
Firing Your Entire Cybersecurity Team? Are You Sure?
Hackers Using Malicious OAuth Apps to Take Over Email Servers
How does identity crime affect victims?
Learn How To Be A Good Hacker With The 2023 Cyber Security Ethical Hacking Bundle With 98% Off
Massive cyber attack in Australia; nearly 10 million people affected
Microsoft shares workarounds for Windows Group Policy issues
Mitigating the cybersecurity crisis for the school year ahead
Multi-million dollar credit card fraud operation uncovered
NSA Reveals "Hackers' Playbook" for OT Attacks
Optus cyber-attack could involve customers dating back to 2017
Optus Cyber-attack | What You Need to Know
Revolut hit by ‘highly targeted’ cyber attack
Risk management focus shifts from external to internal exposure
Seven-Year Mobile Surveillance Campaign Targets Uyghurs
Supply chain cyber security series
This image contains its own MD5 checksum — and it's kind of a big deal
Void Balaur Hackers-for-Hire Targeting Russian Businesses and Politics Entities
Why MFA matters: These attackers cracked admin accounts then used Exchange to send spam
22/09
15-Year-Old Unpatched Python Vulnerability Potentially Affects Over 350,000 Projects
Authorized Push Payments Surge to 75% of Banking Fraud
BlackCat ransomware’s data exfiltration tool gets an upgrade
Critical Magento vulnerability targeted in new surge of attacks
Customers’ personal data stolen as Optus suffers massive cyber-attack
Data Stolen: TAP Air Portugal Suffers Cyberattack
Fake Banking Rewards Apps Install Info-stealing RAT on Android Phones
Google Chrome users looking to download pirated software at risk of new malware infection
Hackers stealing GitHub accounts using fake CircleCI notifications
Hackers Targeting Unpatched Atlassian Confluence Servers to Deploy Crypto Miners
How to Prevent Ransomware as a Service (RaaS) Attacks
Iranian Hackers Hid in Albanian Networks for Over a Year
IT Security Takeaways from the Wiseasy Hack
Los Angeles school district receives ransom demand from Labor Day weekend cyberattacker
Malicious NPM Package Caught Mimicking Material Tailwind CSS Package
Microsoft Exchange servers hacked via OAuth apps for phishing
Morgan Stanley Fined $35m By SEC For Data Security Lapse
National Security Agency (NSA) shares guidance to help secure OT/ICS critical infrastructure
Nelnet loan service data breach: What you should know
OpIran – Anonymous Hits Iranian State Sites, Hacks Over 300 CCTV Cameras
Optus attack exposes customer information
Optus data breach: who is affected, what has been taken and what should you do?
Optus Hit By Cyber-Attack, Breach Affects Nearly 10 Million Customers
Preventing the Recruitment of Insider Threat Actors
Python tarfile vulnerability affects 350,000 open-source projects (CVE-2007-4559)
Researchers Disclose Critical Vulnerability in Oracle Cloud Infrastructure
Researchers Uncover Years-Long Mobile Spyware Campaign Targeting Uyghurs
Russia-Based Hackers FIN11 Impersonate Zoom to Conduct Phishing Campaigns
SMBs vs. large enterprises: Not all compromises are created equal
Threat actors have their insider threats, too
Three Iranian Nationals Charged in Critical Services Scheme
Twitter Password Reset Bug Exposed User Accounts
Uber hack reveals key security lapses; here’s how firms can avoid them
Up to 9 million Aussies affected in major Optus data breach
US Agency Broke Into China’s Telecom Networks, State Media Says
US’ NSA infiltrates China’s data infrastructure in cyberattack on leading university
Waterloo Region District School Board (WRDSB) lawyer clarifies police timeline in cyber attack
What you need to know about Evil-Colon attacks
21/09
2K Games Support Desk Hacked, Phishing Emails Sent To Certain Players
2K warns of cyber attack of its customer support
3 free Linux security training courses you can take right now
4 key takeaways from “XDR is the Perfect Solution for SMEs” webinar
20/20 visibility is paramount to network security
350K Open-Source Projects At Risk of Supply Chain Vulnerability
Agent-based vs. agentless security: Pros and cons
American Airlines confirms data breach exposing some customers’ data
Best practices to bolster software supply chain security
ChromeLoader, what took you so long? Malvertising irritant now slings ransomware
Companies Without Zero Trust Could Lose $1M More During a Data Breach
Critical Remote Hack Flaws Found in Dataprobe's Power Distribution Units
Crypto Trading Firm Wintermute Loses $160 Million in Hacking Incident
DDoS and bot attacks in 2022: Business sectors at risk and how to defend
Domain shadowing becoming more popular among cybercriminals
FBI: Iranian hackers lurked in Albania’s govt network for 14 months
Is $15.6 billion enough to protect critical infrastructure?
LinkedIn Smart Links abused in evasive email phishing attacks
LockBit ransomware builder leaked online by “angry developer”
Malwarebytes mistakenly blocks Google, YouTube for malware
Microsoft Upgrades Windows 11 With New Security Features
Multiple Vulnerabilities Discovered in Dataprobe's iBoot-PDUs
NCSC: British Retailers Need to Move Beyond Passwords
New York Racing Association confirms hack by Hive ransomware group
Ninety Percent of Organizations Struggle with Ransomware
Open Source Repository Attacks Soar 700% in Three Years
Over 39,000 Unauthenticated Redis Instances Found Exposed on the Internet
Record DDoS Attack with 25.3 Billion Requests Abused HTTP/2 Multiplexing
Security lessons to learn after the Uber data breach
South Redford Schools closed again after cyber attack
Survey Reveals the Severity of Cloud Security Challenge
The explosion of data is beyond human ability to manage
The Multi-Cloud is The New Normal, But Creates Key Security Challenges
The rise of ‘PhaaS’ — and a roadmap to mitigate ‘Phishing-as-a-Service’
Twitter failed to log you out of all devices after password resets
Two-Fifths of US Consumers Suffer Personal Data Theft
Unpatched 15-year old Python bug allows code execution in 350k projects
U.S. Adds 2 More Chinese Telecom Firms to National Security Threat List
US to award $1B to state, local, and territorial governments to improve cyber resilience
Video Game Publisher Admits Helpdesk Was Hijacked
What Is Ransomware? A Guide to Ransomware Prevention and Removal
Why Zero Trust Should be the Foundation of Your Cybersecurity Ecosystem
Windows 11 gets better protection against SMB brute-force attacks
20/09
American Airlines Admits Data Breach
American Airlines Breach Exposes Customer and Staff Information
American Airlines hit by data breach
American Airlines says data breach affected some customers, employees
City Furniture, Inc. Files Notice of Data Breach
Common medical devices ripe for cyberattack, LTC prone to security breaches
Critical Vulnerability in Oracle Cloud Infrastructure Allowed Unauthorized Access
Cyber Threat Detection: The First Layer of Defence in Depth
Cyber Security Awareness Master Plan to be ready in 2023: MKN
Europol and Bitdefender Jointly Release LockerGoga Decryptor
Game dev 2K’s support site hacked to push malware via fake tickets
Grand Theft Auto Publisher Rockstar Games Hacked
GTA 6: FBI investiga suposto hacker da Rockstar
Hacker da Uber afirma ter invadido jogos da Rockstar e lançado vídeos de GTA 6
Hackers invadem empresa de criptomoedas e roubam R$ 800 milhões
Hackers steal $162 million from Wintermute crypto market maker
Holiday Inn hotel chain hit by cyber attack
How can organizations benefit from full-stack observability?
How to activate Lockdown Mode on macOS Ventura
HowTo: Defend the Legal Sector from Insider Threats
Indonesia finally passes personal data protection law
Kiwi Farms Website Hacked! Admin Warns of Data Leak
Lapsus$, grupo hacker que derrubou a Microsoft, agora ataca fabricante do “GTA 6”
MFA Fatigue: Hackers’ new favorite tactic in high-profile breaches
New CFIUS Executive Order Clarifies Review Factors for Evolving National Security Landscape
NY Ambulance Service Suffers Healthcare Data Breach, 318K Impacted
Open-source software usage slowing down for fear of vulnerabilities, exposures, or risks
Organizations Lack Visibility Into Cloud Access
PebblePad achieves new ISO and cyber-security accreditations
Phishing attacks targeting US government have evolved in sophistication, Confense reports
Plans for the EU-wide Cyber Resilience Act have been unveiled
Ransomware attack at NY emergency service prompts data breach
Ransomware attacks have nearly doubled since 2020, according to GetApp
Revolut Breach May Have Hit 50,000+ Customers
Revolut data breach: 50,000+ users affected
Revolut mobile banking startup confirms data breach of 50,000 users
Ripple effects of ransomware attack against Suffolk County continue more than a week later
Russian Sandworm Hackers Impersonate Ukrainian Telecoms to Distribute Malware
Social Engineering: How A Teen Hacker Allegedly Managed To Breach Both Uber And Rockstar Games
Take cybersecurity out to where employees and data are coming together
The 25 most popular programming languages and trends
The Innovative CEO Of An Automotive Cyber Security Company
The rise of attacks on critical infrastructure
Uber Blames Lapsus$ for Breach
Uber Blames LAPSUS$ Hacking Group for Recent Security Breach
Uber hit by significant cyber attack
Uber says Lapsus$ gang is behind the recent breach
While Hackers Eye Small Businesses, Ransomware Attacks Decline
Wintermute, market maker cripto, perde US$ 160 milhões com ataque hacker a operação DeFi